package com.reebake.ideal.security.web;

import com.reebake.ideal.servlet.util.WebUtil;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.web.access.AccessDeniedHandlerImpl;

import java.io.IOException;

public class ResourceAccessDeniedHandler extends AccessDeniedHandlerImpl {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response,
                       AccessDeniedException accessDeniedException) throws IOException, ServletException {
        if(WebUtil.isAjaxRequest(request)) {
            response.setStatus(HttpStatus.FORBIDDEN.value());
        }else {
            super.handle(request, response, accessDeniedException);
        }
    }
}
